DETAILED ACTION

1. Claims 1-18 are pending.

2. This is a Non-Final rejection.



Claim Rejections - 35 USC § 102 



The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis 
for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

3. Claims 3 and 12-18 are rejected under 35 U.S.C. 102(e) as being anticipated 
by Chang, et al. (US 6,963,972). 
As per claim 3: 

Chang, et al. discloses a system for providing network security, comprising: 

means for receiving a request to perform a cryptographic operation; (col.6, lines
65-67 and col.7, lines 8-12)

means for returning a response to the cryptographic operation request; (col.6,
lines 40-45 and col.11, lines 55-63)

means for translating a first plurality of cleartext data into a second plurality of
cleartext data in accordance with at least one translation rule; and (col.4, lines 13-19
and col. 6, lines 30-33; Chang discloses that transcoding refers to the technique of
transforming multimedia content from a first original format into a second format
(col.1, lines 16-20). The terms translation, content repurposing, content
adaptation, reformatting, data transformation, media conversion, format
conversion, and filtering are often used synonymously for transcoding (col. 2,
lines 23-27). The claimed translating a first cleartext data into a second plurality
of cleartext data is where Chang transcodes or converts an original format into a
second format.)

at least one module for performing said cryptographic operations, said 
cryptographic operations including obtaining the first plurality of cleartext data based 
upon a first plurality of encrypted data (col.4, lines 9 and 20-22 and col. 10, lines 52- 
62), and encrypting the second plurality of cleartext data to obtain a second plurality of 
encrypted data, (col.7, lines 50-58 and col. 10, lines 1-12) 
As per claim 12: See col.7, lines 34-35; discussing at least one cryptographic 
module is a cryptographically strong pseudorandom number generator. 
As per claim 13: See col.6, lines 40-67; discussing the cryptographic operations are 
performed using cryptographic acceleration hardware. 

As per claim 14: See col.6, lines 40-67; discussing the cryptographic acceleration 
hardware includes a plurality of individual hardware acceleration units. 
As per claim 15: See col.6, lines 65-67; discussing at least one individual hardware 
acceleration unit is dedicated to one function. 

As per claim 16: See col. 3, lines 21-28; discussing the cryptographic acceleration 
hardware is updateable by loading at least one cryptographically signed instruction.
As per claim 17: See col.9, lines 59-67; discussing the cryptographic acceleration 
hardware is tamper-resistant. 

As per claim 18: See col.9, lines 59-67; discussing the cryptographic acceleration 
hardware is tamper-evident. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

4. Claims 1 and 4-11 are rejected under 35 U.S.C. 103(a) as being
unpatentable over Grabelsky, et al. (US 7,032,242), and further in view of Zarom
(US 6,356,529).

As per claim 1: 

Grabelsky, et al. discloses a method for providing network security, comprising the 
steps of: 

receiving a plurality of network protocol packets, wherein a network protocol 
packet includes a network protocol header (col. 20, lines 49-50) and a plurality of 
network protocol data, and wherein the network protocol data include a first 
cryptographic protocol header (col. 21, lines 17-21) and a first plurality of encrypted
data, at least a portion of at least some of the network protocol packets being 
configured in accordance with a transport layer protocol or a network layer protocol; 
(col.11, lines 55-56) 

determining a first plurality of cryptographic protocol rules associated with the 
network protocol data; (col. 21, lines 4-13 and col. 22, lines 63-55) 

establishing a cryptographic session, if required by said first cryptographic rules; 
(col. 24, lines 34-40) 

applying the first plurality of cryptographic protocol rules to the first encrypted 
data to obtain a first plurality of cleartext data; (col. 23, lines 49-62; the claimed 
applying a cryptographic protocol rules to the encrypted data is logically to 
decrypt the received encrypted data in order to obtain the cleartext data as 
claimed. Grabelsky discloses for inbound packets at the receiving endpoint 
where the IP packet includes an ESP header and determines the appropriate SA. 
The SA indicates what encryption techniques should be used for the decryption 
whereby decryption involves using a key, decryption technique, and 
cryptographic synchronization data if any, is indicated by the SA (col. 23, lines 55- 
61). The first plurality of cleartext data can broadly be given as decryption of the 
inbound data. Thus, Grabelsky reads on the claimed invention.) 

[translating the first plurality of cleartext data into a second plurality of cleartext 
data in accordance with at least one translation rule]

encrypting the second plurality of cleartext data in accordance with at least one
rule associated with a second cryptographic protocol, resulting in a second plurality of 
encrypted data, (col.23, lines 27-32; The second plurality of cleartext data can 
broadly be given as outbound data, where sending data to another endpoint 
obviously needs protection. Hence, Grabelsky discloses the sending endpoint 
encapsulates into the ESP payload data-field and original upper layer protocol 
information for the transport mode using the selected encryption technique. 
Grabelsky reads on the encrypting with the rule associated with a cryptographic 
protocol.) 

However, Grabelsky did not provide translating the first plurality of cleartext data 
into a second plurality of cleartext data in accordance with at least one translation rule. 

Zarom discloses a method and system for translating data transmitted according 
to the WAP network protocols in the lower protocol layers rather than requiring the 
packet to be transformed into higher layers (col.4, lines 52-64). Zarom discloses there 
is an increasing demand for different types of communication services through the 
increasing popular portable electronic devices (col.1, lines 14-22) that there is a need to 
extend the power and efficacy of operation of portable, wireless electronic 
communication devices. WAP (wireless application protocol) has been developed and 
designed to efficiently provide both multimedia and telephony services to wireless 
communication devices (col.1, lines 24-33) and provides the required adaptations and 
modifications to such software and data transmission protocols. Such adaptations and 
modifications includes a translation system or gateway to translate HTML to form WML 
(col.1, lines 54-62). Zarom further suggests that currently available translators in the art
require the data to be translated only at the highest (application) level of the network 
protocols and involves two separate sessions are operated with significant delays in 
each session for the translation process (col.6, lines 28-32), where the proxy server 
waits for the translation process to be completed for each of original server and wireless 
communication device client before the translated data can be passed to the other 
session (col.2, lines 20-34 and col.3, lines 15-17). Thus, this method significantly 
decreases the efficiency of these background art translators and their translation 
process (col.2, lines 37-39 and col.6, lines 28-32). However, Zarom's solution would be
able to pass translated information as soon as only a portion is translated according to 
rules (col.3, lines 8-15 and col. 7, lines 12-30) and the translation process is performed 
entirely at the IP level rather than at the application level (col.6, lines 21-28). Zarom 
teaches data must be converted through all of the network layers before translation and 
must be reconverted to a format which is suitable for transmission through the physical 
network media (col.2, lines 23-28). Thus, is more efficient which is able to translate 
packets more rapidly from protocol type to the other than background art translators 
(col.2, lines 40-54 and col.6, lines 32-34). Zarom discloses the translator receiving 
either regular IP packets and WAP packets or other wireless network packets (col. 7, 
lines 32-34). Zarom shows the examples of cleartext data into another cleartext data or 
(language) format translated to another format (col.3, lines 26-37): HTML to WML (col.1, 
lines 57-58), TCP packets to WTP packets (col. 7, lines 58-60), WAP to TCP packets 
(col. 9, lines 40-50), IP packet to a WAP network packet (col.6, lines 55-58).

Therefore, it would have been obvious for a person of ordinary skill in the art at
the time the invention was made to combine the teaching of Grabelsky with the
teaching of translating the first plurality of cleartext data into a second plurality of
cleartext data in accordance with at least one translation rule as taught by Zarom
because translating at IP level is faster and efficient in order to effectively
communicate and deliver content from the Internet (col.1, lines 50-63 and col. 6, lines 21-35).

As per claim 2:

Grabelsky discloses a system for providing network security, comprising: 

an input module for receiving a plurality of network protocol packets (col. 20,
lines 49-50), at least a portion of at least some of the network protocol packets being
configured in accordance with a transport protocol or a network layer protocol; (col.11,
lines 55-56 and col. 21, lines 17-21)

(a translation module for translating a first plurality of data into a second plurality
of data)

an output module; and (col. 23, lines 21-22) 

a cryptographic module responsive to the input module and the output module for 
performing cryptographic operations, (col. 23, lines 21-62) 

However, Grabelsky did not provide a translation module for translating a first 
plurality of data into a second plurality of data. 

Zarom discloses a method and system for translating data transmitted according 
to the WAP network protocols in the lower protocol layers rather than requiring the 
packet to be transformed into higher layers (col.4, lines 52-64). Zarom discloses there 
is an increasing demand for different types of communication services through the
increasing popular portable electronic devices (col.1, lines 14-22) that there is a need to
extend the power and efficacy of operation of portable, wireless electronic 
communication devices. WAP (wireless application protocol) has been developed and 
designed to efficiently provide both multimedia and telephony services to wireless 
communication devices (col.1, lines 24-33) and provides the required adaptations and
modifications to such software and data transmission protocols. Such adaptations and 
modifications includes a translation system or gateway to translate HTML to form WML 
(col.1, lines 54-62). Zarom further suggests that currently available translators in the art
require the data to be translated only at the highest (application) level of the network 
protocols and involves two separate sessions are operated with significant delays in 
each session for the translation process (col.6, lines 28-32), where the proxy server 
waits for the translation process to be completed for each of original server and wireless 
communication device client before the translated data can be passed to the other 
session (col.2, lines 20-34 and col.3, lines 15-17). Thus, this method significantly
decreases the efficiency of these background art translators and their translation 
process (col.2, lines 37-39 and col.6, lines 28-32). However, Zarom's solution would be 
able to pass translated information as soon as only a portion is translated according to 
rules (col.3, lines 8-15 and col. 7, lines 12-30) and the translation process is performed 
entirely at the IP level rather than at the application level (col.6, lines 21-28). Zarom 
teaches data must be converted through all of the network layers before translation and 
must be reconverted to a format which is suitable for transmission through the physical 
network media (col. 2, lines 23-28). Thus, is more efficient which is able to translate
packets more rapidly from protocol type to the other than background art translators 
(col.2, lines 40-54 and col.6, lines 32-34). Zarom discloses the translator receiving 
either regular IP packets and WAP packets or other wireless network packets (col. 7, 
lines 32-34). Zarom shows the examples of cleartext data into another cleartext data or 
(language) format translated to another format (col. 3, lines 26-37): HTML to WML (col.1, 
lines 57-58), TCP packets to WTP packets (col.7, lines 58-60), WAP to TCP packets 
(col.9, lines 40-50), IP packet to a WAP network packet (col.6, lines 55-58). 

Therefore, it would have been obvious for a person of ordinary skill in the art at
the time the invention was made to combine the teaching of Grabelsky with the
teaching of translating the first plurality of cleartext data into a second plurality of
cleartext data in accordance with at least one translation rule as taught by Zarom
because translating at IP level is faster and efficient in order to effectively
communicate and deliver content from the Internet (col.1, lines 50-63 and col. 6, lines 21-35).

As per claim 4: See Zarom on col. 3, lines 8-15 and col.7, lines 12-30; discussing
at least one translation rule is predetermined. 

As per claim 5: See Zarom on col.7, lines 12-30 and 55-67; discussing at least 
one translation rule is determined dynamically. 

As per claim 6: See Grabelsky on col.7, lines 10-12 and Zarom on col. 3, lines 
5-6; discussing the first cryptographic protocol is WTLS. 

As per claim 7: See Zarom on col.5, lines 37-46; discussing the first plurality of 
encrypted data is associated with WML.

As per claim 8: See Grabelsky on col.7, lines 10-12 and Zarom on col. 3, lines
57-58; discussing second plurality of encrypted data is associated with HTML.

As per claim 9: See Zarom on col. 8, lines 7-11; discussing the second 
cryptographic protocol is SSL over HTTP. 

As per claim 10: See Grabelsky on col. 22, lines 62-65 and col. 23, lines 50-62;
discussing the first cryptographic protocol and the second cryptographic protocol are
identical. 

As per claim 11: See Grabelsky on col. 22, lines 62-65 and col. 23, lines 50-62;
discussing the first plurality of encrypted data and the second plurality of encrypted data
conform to different revisions of a specification for the same cryptographic protocol. 



Response to Arguments 

5. Applicant's arguments, filed 2/28/2007, with respect to the rejection(s) of 
claim(s) 3 and 12-18 under Binding, et al. have been fully considered and are 
persuasive. Therefore, the rejection has been withdrawn. However, upon further 
consideration, a new ground(s) of rejection is made in view of Chang, et al. 

Claims 3 and 12-18 are now rejected with new grounds of rejection. 
Claims 1, 2, and 4-11 remain rejected over the Grabelsky and Zarom
combination.

Regarding the argument on pg.6, where Grabelsky does not teach or suggest
translating a first plurality of cleartext data into a second plurality of cleartext data. 
Although Grabelsky teaches the header-field includes a type of data contained in the 
payload data-field (col.23, lines 11-17), but did not clearly point out the translation of
the cleartext data into another form. Thus, Zarom is brought forth to teach this 
limitation. 

The argument regarding the router of Grabelsky (pg.6-7) where the router does 
not modify contents of received, secured (IPSEC) packets since to do so would 
compromise the security of those packets is traversed. Grabelsky mentions the well 
known in the art the use of a router when Internet Protocol security is being used and 
the disadvantages of this technique. Thus, Grabelsky overcomes the problems 
associated with network address translation (col. 4, lines 34-col.5, lines 27) and rather 
than using NAT devices, DNAT can be used with IPsec to overcome the problems with 
NAT devices known in the art (col. 25, lines 49-61). Therefore, Grabelsky's invention
teaches the claimed at least a portion of at least some of the network protocol packets 
being configured in accordance with a transport layer protocol or a network layer 
protocol, while establishing secure connection to an external network device using 
IPsec. 

Zarom teaches various examples of cleartext data into another cleartext data or 
(language) format translated to another format (col. 3, lines 26-37): HTML to WML (col.1,
lines 57-58), TCP packets to WTP packets (col.7, lines 58-60), WAP to TCP packets 
(col.9, lines 40-50), IP packet to a WAP network packet (col. 6, lines 55-58). Zarom 
teaches it would have been obvious for a person of ordinary skill in the art to combine
the teaching of Grabelsky with the teaching of translating the first plurality of cleartext 
data into a second plurality of cleartext data in accordance with at least one translation 
rule as taught by Zarom because the increasing demand for different types of 
communication services through the increasing popular portable electronic devices 
(col.1, lines 14-22) that there is a need to extend the power and efficacy of operation of
portable, wireless electronic communication devices. Thus, Zarom teaches translating
at IP level is faster and efficient in order to effectively communicate and deliver content
from the Internet (col.1, lines 50-63 and col.6, lines 21-35). 

As for dependent claims, they are also rejected by virtue of dependency. 



Conclusion 

Any inquiry concerning this communication or earlier communications from the examiner 
should be directed to LEYNNA T. HA whose telephone number is (571) 272-3851. The 
examiner can normally be reached on Monday - Thursday (7:00 - 5:00PM). 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Vu can be reached on (571) 272-3859. The fax phone number for the
organization where this application or proceeding is assigned is 571-273-8300.

Information regarding the status of an application may be obtained from the Patent
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private 
PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you 
would like assistance from a USPTO Customer Service Representative or access to the 
automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 